VMware Fling - VMware Access Point Deployment Utility
With Horizon 6.2 VMware introduced the VMware Access Point, which is a virtual appliance designed to allow secure remote access to virtual desktops and applications served by Horizon 6. The VMware Access Point is very similar to the View Security Server, but offers some additional benefits. VMware Access Point is a hardened Linux appliance that can be deployed into the DMZ. Big difference with the View Security Server is, that an Access Point does not need to be paired with a View Connection Server. So you can avoid the need to provision additional Connection Servers for authentication mechanism support.
VMware Access Point is a Linux based Virtual Appliance deployed as an OVA with a REST based API for querying and updating the appliance. The OVA deployment can be done in two ways. You can deploy it via vCenter or by using the VMware OVF tool. When using the OVF tool you can pass all of the API parameters to configure it into the OVF tool by using a JSON string. This sounds awesome but this process is command line based and creating a correct input string can be very complicated.
And that is only the installation and configuration. If, during the lifecycle of the Access Point appliance, you want to update the certificates, the PEM files must be formatted into a single line string with appropriate embedded new line characters. This is a painstaking process which void the ease of deploying a simple Access Point appliance.
VMware acknowledged that and created a new Fling, the VMware Access Point Deployment Utility, which acts as a GUI wrapper for the OVF tool and will construct a proper OVF Tool input string including all of the JSON to be passed to the Access Point API. It also allows settings to be saved to an XML file and later imported to reduce how much data needs to be manually entered. The utility will take a standard PEM formatted certificate chain and private key and convert them to the proper format for JSON. View settings can also be set at time of deployment with this utility.
VMware Access Point System Requirements
To use the VMware Access Point Deployment Utility you need the following prerequisites:
- Microsoft .NET Framework 4.5
- VMware OVF Tool 4.1 (download here)
Instructions
When you first start the application it reads the registry to see if the VMware OVF tool is installed, and it reads where the tool is currently installed. If no tool is detected, you will see a message indicating that you will need to install the OVF Tool to continue. Once the OVF Tool is installed, you can start inputting the information required to deploy the VMware Access Point Appliance. Note, some of the settings are case sensitive–these items are called out below.
General Configuration of VMware Access Point
The VMware Access Point Deployment Utility needs the following input:
How to back up these Settings
Now that all of the appropriate settings for deploying an Access Point appliance are in place, this is a good time to export out the settings that you have entered. Click the “Export Current Settings” button at the bottom left of the form and select a location to save the settings to. This will create an XML document with the values you had entered (with the exception of passwords) so they can easily be imported at a later date when deploying additional appliances.
Prior to deploying the appliance, or for troubleshooting, the generated input string can be shown and copied out at any time by clicking the “Show OVF Tool String” button on the bottom right of the form.
Click the “Deploy Access Point Appliance” button when you are ready to deploy. There is a lot of validation that happens before the appliance is actually deployed. If any fields are not correctly formatted or missing you may receive a message indicating which fields are missing for formatted incorrectly. You can monitor the deployment from the dialog box which shows the live OVF Tool log.